<?php

session_start();
srand((double)microtime()*1000000);
$number=$_POST['number'];

include_once "function_net_misc.php";
if(isset($HTTP_SESSION_VARS["authnum"]))
	if($number != $HTTP_SESSION_VARS["authnum"] || empty($number))
	{
		$log = "Unknow user ". USERLOGIN_NO;
		SysLogString(2,$log);
		echo("<meta http-equiv='refresh'content=0;URL='login_image_error.htm'>");   
	}
	else
	{
		include_once "function_auth.php";

		$name = $_POST['username'];
		$pass = $_POST['password'];

		$date = date("F j, Y, g:i a");

		if (CheckSysPassWord($pass, $name))
		{
			$_SESSION['UserName'] = $name;
			$_SESSION['PassWord'] = $pass;
			$_SESSION['LoginTime'] = $date;
			$_SESSION['Flag'] = "Mini";
		
			include_once "function_misc.php";
			$level = GetSystemLicenseLevel();
			
			$_SESSION['LEVEL'] = $level;

			include_once "function_admin_manage.php";
			$sys_list = GetXmlSysAdminByName($name);
			$role_list = SplitAdminRoleList($sys_list["AdminType"]);
			$_SESSION['Right'] = GetAdminDisplayText($sys_list['AdminType']);
		
			$_SESSION["ACCOUNT"] = FALSE;
			$_SESSION["SUPER"]   = FALSE;
			$_SESSION["NORMAL"]  = FALSE;
			$_SESSION["DESIGN"]  = FALSE;
			$_SESSION["AUDIT"]   = FALSE;
			foreach ($role_list as $r)
			{
				if ( $r == 1)
				{	
					$_SESSION["ACCOUNT"] = TRUE;
				}
				if ( $r == 2)
				{
					$_SESSION["SUPER"] = TRUE;
				}
				if ( $r == 3)
				{
					$_SESSION["NORMAL"] = TRUE;
				}
				if ( $r == 4)
				{
					$_SESSION["DESIGN"] = TRUE;
				}
				if ( $r == 5)
				{
					$_SESSION["AUDIT"] = TRUE;
				}
			}
			$log = $name. USERLOGIN_OK;
			SysLogString(3,$log);
			echo("<meta http-equiv='refresh'content=0;URL='index_main.php'>");   
		}
		else
		{
			$log = $name. USERLOGIN_NO;
			SysLogString(2,$log);
			echo("<meta http-equiv='refresh'content=0;URL='login_passwd_error.htm'>");   
		}	
	}
else
{
	$log = "Unknow user". USERLOGIN_NO;
	SysLogString(2,$log);
	echo("<meta http-equiv='refresh'content=0;URL='login_image_error.htm'>");   
}


?>
